Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
tested by rui and Nigel J. Taylor
ok rui@
Nipper enables network administrators, security professionals and auditors
to quickly produce reports on key network infrastructure devices.
testing by rui and Nigel J. Taylor who also provided a patch
ok rui@
- A vulnerability in ClamAV's chm-parser allowed remote attackers to
cause a denial of service (application crash) via a malformed CHM file
(CVE-2008-1389).
- A vulnerability in libclamav would allow attackers to cause a
denial of service via vectors related to an out-of-memory condition
(CVE-2008-3912).
- Multiple memory leaks were found in ClamAV that could possibly allow
attackers to cause a denial of service via excessive memory consumption
(CVE-2008-3913).
- A number of unspecified vulnerabilities in ClamAV were reported that
have an unknown impact and attack vectors related to file descriptor
leaks (CVE-2008-3914).
various OpenBSD patches rolled in upstream. thanks to sturm@
for looking over systrace.filter (needed for the test of sendmsg()
in configure to enable FD passing).
this change requires bumping other ports which use it. pointed
out by naddy, thanks!
- add a comment in Makefile to warn others not to do the same.
ok naddy@
- fixes DoS with MailFollowURLs (CVE-2008-2713)
- improves handling of PDF, CAB, RTF, OLE2 and HTML files
and includes various bugfixes for 0.93 issues.
"if it works" mbalmer@
Object oriented interface to create salted (or seeded) hashes of clear
text data. The original formalization of this concept comes from
RFC-3112 and is extended by the use of different digital agorithms.
from Jim Razmus
logs, such as those found in OpenBSD. It offers a browser-based interface
for quickly reviewing log events and performing deeper analysis.
help from okan@ and merdely@
ok ajacoutot@
